Segurança e ajustes nos pacotes

PauloGladson
1 parent 6e126b79
Showing 16 changed files with 301 additions and 129 deletions Show diff stats
demoiselle-parent/pom.xml
demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/DemoiselleRESTException.java
demoiselle-rest/src/main/java/org/demoiselle/jee/ws/jaxrs/exception/mapper/GenericExceptionMapper.java
demoiselle-security-basic/pom.xml
demoiselle-security-basic/src/main/java/org/demoiselle/jee/security/basic/impl/TokensManagerImpl.java
demoiselle-security-jwt/src/main/java/org/demoiselle/jee/security/jwt/impl/TokensManagerImpl.java
demoiselle-security-token/src/main/java/org/demoiselle/jee/security/token/impl/TokensManagerImpl.java
demoiselle-security/pom.xml
demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/DemoiselleSecurityException.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/exception/NotLoggedInException.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/DemoisellePrincipalImpl.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/SecurityContextImpl.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/impl/TokenImpl.java
demoiselle-security/src/main/java/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.java
demoiselle-security/src/main/resources/messages.properties
demoiselle-security/src/main/resources/org/demoiselle/jee/security/message/DemoiselleSecurityMessages.properties
@@ -179,6 +179,18 @@
                 <artifactId>demoiselle-security</artifactId>
                 <version>${project.version}</version>
             </dependency>
+            
+            <dependency>
+                <groupId>org.demoiselle.jee</groupId>
+                <artifactId>demoiselle-rest</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            
+            <dependency>
+                <groupId>org.demoiselle.jee</groupId>
+                <artifactId>demoiselle-persistence-jpa</artifactId>
+                <version>${project.version}</version>
+            </dependency>
         </dependencies>
@@ -12,30 +12,30 @@ import org.demoiselle.jee.core.exception.DemoiselleException;
 public class DemoiselleRESTException extends DemoiselleException {
-	private static final long serialVersionUID = 519965615171844237L;
+    private static final long serialVersionUID = 519965615171844237L;
-	private HashMap<String, String> messages = new HashMap<String, String>();
+    private HashMap<String, String> messages = new HashMap<String, String>();
-	private int statusCode;
+    private int statusCode;
-	public DemoiselleRESTException() {
+    public DemoiselleRESTException() {
-	}
-	
-	public DemoiselleRESTException(String string) {
-		super(string);
-	}
+    }
-	public int getStatusCode() {
-		return statusCode;
-	}
+    public DemoiselleRESTException(String string) {
+        super(string);
+    }
-	public void addMessage(String field, String msg) {
-		this.statusCode = 422;
-		messages.put(field, msg);
-	}
+    public int getStatusCode() {
+        return statusCode;
+    }
-	public HashMap<String, String> getMessages() {
-		return messages;
-	}
+    public void addMessage(String field, String msg) {
+        this.statusCode = 422;
+        messages.put(field, msg);
+    }
+
+    public HashMap<String, String> getMessages() {
+        return messages;
+    }
 }
@@ -21,48 +21,52 @@ import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException;
 @Provider
 public class GenericExceptionMapper implements ExceptionMapper<Exception> {
-	public Response toResponse(Exception ex) {
+    public Response toResponse(Exception ex) {
-		StringWriter errorStackTrace = new StringWriter();
-		ex.printStackTrace(new PrintWriter(errorStackTrace));
+        StringWriter errorStackTrace = new StringWriter();
+        ex.printStackTrace(new PrintWriter(errorStackTrace));
-		// Verifica se a exception é de validação de PAYLOAD do REST
-		if (ex.getCause() instanceof DemoiselleRESTException) {
-			DemoiselleRESTException exDemoiselleREST = (DemoiselleRESTException) ex.getCause();
-			if (!exDemoiselleREST.getMessages().isEmpty()) {
-				return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages())
-						.type(MediaType.APPLICATION_JSON).build();
-			}
-		}
+        // Verifica se a exception é de validação de PAYLOAD do REST
+        if (ex instanceof DemoiselleRESTException) {
+            DemoiselleRESTException exDemoiselleREST = (DemoiselleRESTException) ex;
+            if (!exDemoiselleREST.getMessages().isEmpty()) {
+                return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessages())
+                        .type(MediaType.APPLICATION_JSON).build();
+            } else if (exDemoiselleREST.getStatusCode() > 0){
+                return Response.status(exDemoiselleREST.getStatusCode()).entity(exDemoiselleREST.getMessage())
+                        .type(MediaType.APPLICATION_JSON).build();
+            }
-		HashMap<String, String> entity = new HashMap<String, String>();
+        }
-		// No caso de existir message ele mostra a MESSAGE da Exception
-		if (ex.getMessage() != null) {
-			entity.put("error", ex.getMessage());			
+        HashMap<String, String> entity = new HashMap<String, String>();
-			// Pega toda as mensagens da stacktrace
-			int level = 1;
-			while (ex.getCause() != null) {
-				ex = (Exception) ex.getCause();
-				if (!ex.getMessage().isEmpty()) {
-					entity.put("inner_cause_" + level, ex.getMessage());
-				}
-				level += 1;
-			}
-			
-			// Por padrão retorna SERVER ERROR, mas tenta encontrar o status do RESPONSE se for WebApplicationException
-			// http://docs.oracle.com/javaee/7/api/javax/ws/rs/WebApplicationException.html
-			int responseCode = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode();
-			if (ex instanceof WebApplicationException) {
-				responseCode = ((WebApplicationException)ex).getResponse().getStatus();
-			}
+        // No caso de existir message ele mostra a MESSAGE da Exception
+        if (ex.getMessage() != null) {
+            entity.put("error", ex.getMessage());
-			return Response.status(responseCode).entity(entity).type(MediaType.APPLICATION_JSON).build();
-		}
+            // Pega toda as mensagens da stacktrace
+            int level = 1;
+            while (ex.getCause() != null) {
+                ex = (Exception) ex.getCause();
+                if (!ex.getMessage().isEmpty()) {
+                    entity.put("inner_cause_" + level, ex.getMessage());
+                }
+                level += 1;
+            }
-		entity.put("error", "Erro interno desconhecido no servidor.");
-		return Response.status(500).entity(entity).type(MediaType.APPLICATION_JSON).build();
-	}
+            // Por padrão retorna SERVER ERROR, mas tenta encontrar o status do RESPONSE se for WebApplicationException
+            // http://docs.oracle.com/javaee/7/api/javax/ws/rs/WebApplicationException.html
+            int responseCode = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode();
+            if (ex instanceof WebApplicationException) {
+                responseCode = ((WebApplicationException) ex).getResponse().getStatus();
+            }
+
+            return Response.status(responseCode).entity(entity).type(MediaType.APPLICATION_JSON).build();
+        }
+
+        entity.put("error", "Erro interno desconhecido no servidor.");
+        return Response.status(500).entity(entity).type(MediaType.APPLICATION_JSON).build();
+    }
 }
@@ -22,6 +22,11 @@
             <groupId>org.demoiselle.jee</groupId>
             <artifactId>demoiselle-security</artifactId>
         </dependency>
+        
+        <dependency>
+            <groupId>org.demoiselle.jee</groupId>
+            <artifactId>demoiselle-persistence-jpa</artifactId>
+        </dependency>
     </dependencies>
 </project>
@@ -5,9 +5,12 @@
  */
 package org.demoiselle.jee.security.basic.impl;
+import java.io.UnsupportedEncodingException;
+import java.util.Base64;
 import java.util.logging.Logger;
 import javax.enterprise.context.Dependent;
 import javax.inject.Inject;
+import javax.persistence.EntityManager;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
 import org.demoiselle.jee.core.interfaces.security.Token;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
@@ -20,34 +23,40 @@ import org.demoiselle.jee.core.interfaces.security.TokensManager;
 public class TokensManagerImpl implements TokensManager {
     @Inject
-    private Logger logger;
+    private DemoisellePrincipal loggedUser;
     @Inject
     private Token token;
     @Inject
-    private DemoisellePrincipal loggedUser;
+    private Logger logger;
+
+    @Inject
+    private EntityManager entityManager;
     @Override
     public DemoisellePrincipal getUser() {
-        if (loggedUser == null) {
-            if (token.getKey() != null && !token.getKey().isEmpty()) {
-                // desfaz o basic
-                return loggedUser;
-            }
+        try {
+
+            byte[] asBytes = Base64.getDecoder().decode(token.getKey());
+            String login = new String(asBytes, "utf-8");
+            loggedUser = (DemoisellePrincipal) entityManager.createNativeQuery("select * from usuario where usuario = " + login.split(":")[0] + " senha = " + login.split(":")[1]).getResultList().get(0);
+
+        } catch (UnsupportedEncodingException ex) {
+            logger.severe(ex.getMessage());
         }
+
         return loggedUser;
     }
     @Override
     public void setUser(DemoisellePrincipal user) {
-        String value = null;
-
+        loggedUser = user;
     }
     @Override
     public boolean validate() {
-        return true;//(getUser() != null && repo.get(token.getKey()).);
+        return getUser() != null;
     }
 }
@@ -5,12 +5,11 @@
  */
 package org.demoiselle.jee.security.jwt.impl;
-import com.google.gson.Gson;
-import java.security.Key;
-import java.security.Principal;
-import java.util.logging.Level;
+import java.util.List;
+import java.util.Map;
 import java.util.logging.Logger;
 import javax.enterprise.context.Dependent;
+import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
@@ -36,7 +35,7 @@ public class TokensManagerImpl implements TokensManager {
     @Inject
     private HttpServletRequest httpRequest;
-    private RsaJsonWebKey rsaJsonWebKey;
+    private static RsaJsonWebKey rsaJsonWebKey;
     @Inject
     private Logger logger;
@@ -48,12 +47,14 @@ public class TokensManagerImpl implements TokensManager {
     private DemoisellePrincipal loggedUser;
     public TokensManagerImpl() throws JoseException {
-        RsaJsonWebKey chave = RsaJwkGenerator.generateJwk(2048);
-        logger.info("Se você quiser usar sua app em cluster, coloque o parametro jwt.key no app.properties e reinicie a aplicacao");
-        logger.log(Level.INFO, "jwt.key={0}", chave);
-        logger.info("Se você não usar esse parametro, a cada reinicialização será gerada uma nova chave privada, isso inviabiliza o uso em cluster ");
-        rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk((Key) chave);
-        rsaJsonWebKey.setKeyId("demoiselle-security-jwt");
+        if (rsaJsonWebKey == null) {
+//        RsaJsonWebKey chave = RsaJwkGenerator.generateJwk(2048);
+//        logger.info("Se você quiser usar sua app em cluster, coloque o parametro jwt.key no app.properties e reinicie a aplicacao");
+//        logger.log(Level.INFO, "jwt.key={0}", chave);
+//        logger.info("Se você não usar esse parametro, a cada reinicialização será gerada uma nova chave privada, isso inviabiliza o uso em cluster ");
+            rsaJsonWebKey = (RsaJsonWebKey) RsaJsonWebKey.Factory.newPublicJwk(RsaJwkGenerator.generateJwk(2048).getKey());
+            rsaJsonWebKey.setKeyId("demoiselle-security-jwt");
+        }
     }
     @Override
@@ -68,12 +69,18 @@ public class TokensManagerImpl implements TokensManager {
                         .setVerificationKey(rsaJsonWebKey.getKey()) // verify the signature with the public key
                         .build(); // create the JwtConsumer instance
                 JwtClaims jwtClaims = jwtConsumer.processToClaims(token.getKey());
-                loggedUser = new Gson().fromJson((String) jwtClaims.getClaimValue("user"), DemoisellePrincipal.class);
+                loggedUser.setId((String) jwtClaims.getClaimValue("id"));
+                loggedUser.setName((String) jwtClaims.getClaimValue("name"));
+                loggedUser.setRoles((List) jwtClaims.getClaimValue("roles"));
+                loggedUser.setPermissions((Map) jwtClaims.getClaimValue("permissions"));
+                //loggedUser = new Gson().fromJson((String) jwtClaims.getClaimValue("user"), DemoisellePrincipal.class);
                 String ip = httpRequest.getRemoteAddr();
                 if (!ip.equalsIgnoreCase((String) jwtClaims.getClaimValue("ip"))) {
                     return null;
                 }
             } catch (InvalidJwtException ex) {
+                loggedUser = null;
+                token.setKey(null);
                 logger.severe(ex.getMessage());
             }
         }
@@ -92,23 +99,27 @@ public class TokensManagerImpl implements TokensManager {
             claims.setNotBeforeMinutesInThePast(1);
             claims.setClaim("ip", httpRequest.getRemoteAddr());
-            claims.setClaim("user", new Gson().toJson(user));
+            claims.setClaim("id", (user.getId()));
+            claims.setClaim("name", (user.getName()));
+            claims.setClaim("roles", (user.getRoles()));
+            claims.setClaim("permissions", (user.getPermissions()));
             JsonWebSignature jws = new JsonWebSignature();
             jws.setPayload(claims.toJson());
-            jws.setKey(rsaJsonWebKey.getPrivateKey());
+            jws.setKey(rsaJsonWebKey.getKey());
             jws.setKeyIdHeaderValue(rsaJsonWebKey.getKeyId());
-            jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
+            jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA512);
             token.setKey(jws.getCompactSerialization());
         } catch (JoseException ex) {
-            logger.severe(ex.getMessage());
+            ex.printStackTrace();
+            //  logger.severe(ex.getMessage());
         }
     }
     @Override
     public boolean validate() {
-        return true;
+        return getUser() != null;
     }
 }
@@ -5,7 +5,8 @@
  */
 package org.demoiselle.jee.security.token.impl;
-import java.security.Principal;
+import java.util.Iterator;
+import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.logging.Logger;
@@ -20,7 +21,7 @@ import org.demoiselle.jee.core.interfaces.security.TokensManager;
  *
  * @author 70744416353
  */
-@RequestScoped
+@Dependent
 public class TokensManagerImpl implements TokensManager {
     private final static ConcurrentHashMap<String, DemoisellePrincipal> repo = new ConcurrentHashMap<>();
@@ -45,13 +46,17 @@ public class TokensManagerImpl implements TokensManager {
             String value = UUID.randomUUID().toString();
             repo.put(value, user);
             token.setKey(value);
-            token.setType("Token");
+        } else {
+            repo.entrySet().parallelStream().filter((e) -> (user.equals(e.getValue()))).forEach((e) -> {
+                token.setKey((String) e.getKey());
+            });
         }
+        token.setType("Token");
     }
     @Override
     public boolean validate() {
-        return true;//(getUser() != null && repo.get(token.getKey()).);
+        return getUser() != null;
     }
 }
@@ -23,6 +23,10 @@
             <groupId>org.demoiselle.jee</groupId>
             <artifactId>demoiselle-core</artifactId>
         </dependency>
-
+        
+        <dependency>
+            <groupId>org.demoiselle.jee</groupId>
+            <artifactId>demoiselle-rest</artifactId>
+        </dependency>
     </dependencies>
 </project>
@@ -8,30 +8,31 @@ package org.demoiselle.jee.security.exception;
 import java.util.HashMap;
-import org.demoiselle.jee.core.exception.DemoiselleException;
+import org.demoiselle.jee.ws.jaxrs.exception.DemoiselleRESTException;
-public class DemoiselleSecurityException extends DemoiselleException {
+public class DemoiselleSecurityException extends DemoiselleRESTException {
-	private static final long serialVersionUID = 519965615171844237L;
+    private static final long serialVersionUID = 519965615171844237L;
-	private HashMap<String, String> messages = new HashMap<String, String>();
+    private HashMap<String, String> messages = new HashMap<String, String>();
-	private int statusCode;
+    private int statusCode;
-	public DemoiselleSecurityException(String string) {
-		super(string);
-	}
+    public DemoiselleSecurityException(String string) {
+        super(string);
+        this.statusCode = 401;
+    }
-	public int getStatusCode() {
-		return statusCode;
-	}
+    public int getStatusCode() {
+        return statusCode;
+    }
-	public void addMessage(String field, String msg) {
-		this.statusCode = 422;
-		messages.put(field, msg);
-	}
+    public void addMessage(String field, String msg) {
-	public HashMap<String, String> getMessages() {
-		return messages;
-	}
+        messages.put(field, msg);
+    }
+
+    public HashMap<String, String> getMessages() {
+        return messages;
+    }
 }
@@ -13,7 +13,7 @@ package org.demoiselle.jee.security.exception;
  *
  * @author SERPRO
  */
-public class NotLoggedInException extends AuthenticationException {
+public class NotLoggedInException extends DemoiselleSecurityException {
 	private static final long serialVersionUID = 1L;
@@ -27,4 +27,6 @@ public class NotLoggedInException extends AuthenticationException {
 	public NotLoggedInException(String message) {
 		super(message);
 	}
+        
+        
 }
@@ -0,0 +1,97 @@
+/*
+ * Demoiselle Framework
+ *
+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
+ */
+package org.demoiselle.jee.security.impl;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Objects;
+import javax.enterprise.context.RequestScoped;
+import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
+
+/**
+ *
+ * @author 70744416353
+ */
+@RequestScoped
+public class DemoisellePrincipalImpl implements DemoisellePrincipal {
+
+    private String id;
+    private String name;
+    private List<String> roles;
+    private Map<String, String> permissions;
+
+    @Override
+    public String getId() {
+        return id;
+    }
+
+    @Override
+    public void setId(String id) {
+        this.id = id;
+    }
+
+    @Override
+    public String getName() {
+        return name;
+    }
+
+    @Override
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    @Override
+    public List<String> getRoles() {
+        return roles;
+    }
+
+    @Override
+    public void setRoles(List<String> roles) {
+        this.roles = roles;
+    }
+
+    @Override
+    public Map<String, String> getPermissions() {
+        return permissions;
+    }
+
+    @Override
+    public void setPermissions(Map<String, String> permissions) {
+        this.permissions = permissions;
+    }
+
+    @Override
+    public int hashCode() {
+        int hash = 7;
+        hash = 37 * hash + Objects.hashCode(this.id);
+        return hash;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+        if (obj == null) {
+            return false;
+        }
+        if (getClass() != obj.getClass()) {
+            return false;
+        }
+        final DemoisellePrincipalImpl other = (DemoisellePrincipalImpl) obj;
+        if (!Objects.equals(this.id, other.id)) {
+            return false;
+        }
+        return true;
+    }
+
+    @Override
+    public String toString() {
+        return "DemoisellePrincipalImpl{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
+    }
+
+}
@@ -6,15 +6,17 @@
  */
 package org.demoiselle.jee.security.impl;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.stream.Collectors;
 import javax.enterprise.context.Dependent;
 import javax.inject.Inject;
 import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
-import org.demoiselle.jee.core.util.ResourceBundle;
-
 import org.demoiselle.jee.security.exception.NotLoggedInException;
 import org.demoiselle.jee.core.interfaces.security.SecurityContext;
 import org.demoiselle.jee.core.interfaces.security.TokensManager;
+import org.demoiselle.jee.security.message.DemoiselleSecurityMessages;
 /**
  * <p>
@@ -32,7 +34,7 @@ public class SecurityContextImpl implements SecurityContext {
     private TokensManager tm;
     @Inject
-    private ResourceBundle bundle;
+    private DemoiselleSecurityMessages bundle;
     /**
      * @see org.demoiselle.security.SecurityContext#hasPermission(String,
@@ -40,9 +42,11 @@ public class SecurityContextImpl implements SecurityContext {
      */
     @Override
     public boolean hasPermission(String resource, String operation) {
-        boolean result = true;
-
-        return result;
+        return (tm.getUser().getPermissions().entrySet()
+                .stream()
+                .filter(p -> p.getKey().equalsIgnoreCase(resource))
+                .filter(p -> p.getValue().equalsIgnoreCase(operation))
+                .count() > 0);
     }
     /**
@@ -50,9 +54,7 @@ public class SecurityContextImpl implements SecurityContext {
      */
     @Override
     public boolean hasRole(String role) {
-        boolean result = true;
-
-        return result;
+        return (tm.getUser().getRoles().parallelStream().filter(p -> p.equals(role)).count() > 0);
     }
     /**
@@ -66,7 +68,7 @@ public class SecurityContextImpl implements SecurityContext {
     @Override
     public void checkLoggedIn() throws NotLoggedInException {
         if (!isLoggedIn()) {
-            throw new NotLoggedInException(bundle.getString("user-not-authenticated"));
+            throw new NotLoggedInException(bundle.userNotAuthenticated());
         }
     }
@@ -6,13 +6,14 @@
 package org.demoiselle.jee.security.impl;
 import javax.enterprise.context.Dependent;
+import javax.enterprise.context.RequestScoped;
 import org.demoiselle.jee.core.interfaces.security.Token;
 /**
  *
  * @author 70744416353
  */
-@Dependent
+@RequestScoped
 public class TokenImpl implements Token {
     private String key;
@@ -0,0 +1,19 @@
+/*
+ * Demoiselle Framework
+ *
+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
+ */
+package org.demoiselle.jee.security.message;
+
+import org.apache.deltaspike.core.api.message.MessageBundle;
+import org.apache.deltaspike.core.api.message.MessageTemplate;
+
+@MessageBundle
+public interface DemoiselleSecurityMessages {
+
+	@MessageTemplate("{user-not-authenticated}")
+	String userNotAuthenticated();
+
+
+}
 \ No newline at end of file
@@ -1,12 +0,0 @@
-adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
-access-checking=Verificando permiss\u00e3o do usu\u00e1rio {0} para executar a a\u00e7\u00e3o {1} no recurso {2}
-access-allowed=O usu\u00e1rio {0} acessou o recurso {2} com a a\u00e7\u00e3o {1}
-access-denied=O usu\u00e1rio {0} n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o {1} no recurso {2}
-access-denied-ui=Voc\u00ea n\u00e3o est\u00e1 autorizado a executar a a\u00e7\u00e3o {1} no recurso {0}
-authorizer-not-defined=Nenhuma regra de resolu\u00e7\u00e3o de permiss\u00f5es foi definida. Para utilizar @{0} \u00e9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00e7\u00e3o de permiss\u00f5es desejada no arquivo demoiselle.properties.
-user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
-invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
-has-role-verification=Verificando se o usu\u00e1rio {0} possui a(s) role(s)\: {1}
-does-not-have-role=Usu\u00e1rio {0} n\u00e3o possui a(s) role(s)\: {1}
-does-not-have-role-ui=Para acessar este recurso \u00e9 necess\u00e1rio ser {0}
-user-has-role=Usu\u00e1rio {0} possui a(s) role(s)\: {1}
 \ No newline at end of file
@@ -0,0 +1,12 @@
+adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
+access-checking=Verificando permiss\u00e3o do usu\u00e1rio {0} para executar a a\u00e7\u00e3o {1} no recurso {2}
+access-allowed=O usu\u00e1rio {0} acessou o recurso {2} com a a\u00e7\u00e3o {1}
+access-denied=O usu\u00e1rio {0} n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o {1} no recurso {2}
+access-denied-ui=Voc\u00ea n\u00e3o est\u00e1 autorizado a executar a a\u00e7\u00e3o {1} no recurso {0}
+authorizer-not-defined=Nenhuma regra de resolu\u00e7\u00e3o de permiss\u00f5es foi definida. Para utilizar @{0} \u00e9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00e7\u00e3o de permiss\u00f5es desejada no arquivo demoiselle.properties.
+user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
+invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
+has-role-verification=Verificando se o usu\u00e1rio {0} possui a(s) role(s)\: {1}
+does-not-have-role=Usu\u00e1rio {0} n\u00e3o possui a(s) role(s)\: {1}
+does-not-have-role-ui=Para acessar este recurso \u00e9 necess\u00e1rio ser {0}
+user-has-role=Usu\u00e1rio {0} possui a(s) role(s)\: {1}
 \ No newline at end of file
	@@ -179,6 +179,18 @@		@@ -179,6 +179,18 @@
179	<artifactId>demoiselle-security</artifactId>	179	<artifactId>demoiselle-security</artifactId>
180	<version>${project.version}</version>	180	<version>${project.version}</version>
181	</dependency>	181	</dependency>
		182	+
		183	+ <dependency>
		184	+ <groupId>org.demoiselle.jee</groupId>
		185	+ <artifactId>demoiselle-rest</artifactId>
		186	+ <version>${project.version}</version>
		187	+ </dependency>
		188	+
		189	+ <dependency>
		190	+ <groupId>org.demoiselle.jee</groupId>
		191	+ <artifactId>demoiselle-persistence-jpa</artifactId>
		192	+ <version>${project.version}</version>
		193	+ </dependency>
182		194
183	</dependencies>	195	</dependencies>
184		196
@@ -0,0 +1,97 @@		@@ -0,0 +1,97 @@
	1	+/*
	2	+ * Demoiselle Framework
	3	+ *
	4	+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
	5	+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
	6	+ */
	7	+package org.demoiselle.jee.security.impl;
	8	+
	9	+import java.util.List;
	10	+import java.util.Map;
	11	+import java.util.Objects;
	12	+import javax.enterprise.context.RequestScoped;
	13	+import org.demoiselle.jee.core.interfaces.security.DemoisellePrincipal;
	14	+
	15	+/**
	16	+ *
	17	+ * @author 70744416353
	18	+ */
	19	+@RequestScoped
	20	+public class DemoisellePrincipalImpl implements DemoisellePrincipal {
	21	+
	22	+ private String id;
	23	+ private String name;
	24	+ private List<String> roles;
	25	+ private Map<String, String> permissions;
	26	+
	27	+ @Override
	28	+ public String getId() {
	29	+ return id;
	30	+ }
	31	+
	32	+ @Override
	33	+ public void setId(String id) {
	34	+ this.id = id;
	35	+ }
	36	+
	37	+ @Override
	38	+ public String getName() {
	39	+ return name;
	40	+ }
	41	+
	42	+ @Override
	43	+ public void setName(String name) {
	44	+ this.name = name;
	45	+ }
	46	+
	47	+ @Override
	48	+ public List<String> getRoles() {
	49	+ return roles;
	50	+ }
	51	+
	52	+ @Override
	53	+ public void setRoles(List<String> roles) {
	54	+ this.roles = roles;
	55	+ }
	56	+
	57	+ @Override
	58	+ public Map<String, String> getPermissions() {
	59	+ return permissions;
	60	+ }
	61	+
	62	+ @Override
	63	+ public void setPermissions(Map<String, String> permissions) {
	64	+ this.permissions = permissions;
	65	+ }
	66	+
	67	+ @Override
	68	+ public int hashCode() {
	69	+ int hash = 7;
	70	+ hash = 37 * hash + Objects.hashCode(this.id);
	71	+ return hash;
	72	+ }
	73	+
	74	+ @Override
	75	+ public boolean equals(Object obj) {
	76	+ if (this == obj) {
	77	+ return true;
	78	+ }
	79	+ if (obj == null) {
	80	+ return false;
	81	+ }
	82	+ if (getClass() != obj.getClass()) {
	83	+ return false;
	84	+ }
	85	+ final DemoisellePrincipalImpl other = (DemoisellePrincipalImpl) obj;
	86	+ if (!Objects.equals(this.id, other.id)) {
	87	+ return false;
	88	+ }
	89	+ return true;
	90	+ }
	91	+
	92	+ @Override
	93	+ public String toString() {
	94	+ return "DemoisellePrincipalImpl{" + "id=" + id + ", name=" + name + ", roles=" + roles + ", permissions=" + permissions + '}';
	95	+ }
	96	+
	97	+}
	@@ -0,0 +1,19 @@		@@ -0,0 +1,19 @@
		1	+/*
		2	+ * Demoiselle Framework
		3	+ *
		4	+ * License: GNU Lesser General Public License (LGPL), version 3 or later.
		5	+ * See the lgpl.txt file in the root directory or <https://www.gnu.org/licenses/lgpl.html>.
		6	+ */
		7	+package org.demoiselle.jee.security.message;
		8	+
		9	+import org.apache.deltaspike.core.api.message.MessageBundle;
		10	+import org.apache.deltaspike.core.api.message.MessageTemplate;
		11	+
		12	+@MessageBundle
		13	+public interface DemoiselleSecurityMessages {
		14	+
		15	+ @MessageTemplate("{user-not-authenticated}")
		16	+ String userNotAuthenticated();
		17	+
		18	+
		19	+}
0	\ No newline at end of file	20	\ No newline at end of file
	@@ -1,12 +0,0 @@		@@ -1,12 +0,0 @@
1	-adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
2	-access-checking=Verificando permiss\u00e3o do usu\u00e1rio {0} para executar a a\u00e7\u00e3o {1} no recurso {2}
3	-access-allowed=O usu\u00e1rio {0} acessou o recurso {2} com a a\u00e7\u00e3o {1}
4	-access-denied=O usu\u00e1rio {0} n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o {1} no recurso {2}
5	-access-denied-ui=Voc\u00ea n\u00e3o est\u00e1 autorizado a executar a a\u00e7\u00e3o {1} no recurso {0}
6	-authorizer-not-defined=Nenhuma regra de resolu\u00e7\u00e3o de permiss\u00f5es foi definida. Para utilizar @{0} \u00e9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00e7\u00e3o de permiss\u00f5es desejada no arquivo demoiselle.properties.
7	-user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
8	-invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
9	-has-role-verification=Verificando se o usu\u00e1rio {0} possui a(s) role(s)\: {1}
10	-does-not-have-role=Usu\u00e1rio {0} n\u00e3o possui a(s) role(s)\: {1}
11	-does-not-have-role-ui=Para acessar este recurso \u00e9 necess\u00e1rio ser {0}
12	-user-has-role=Usu\u00e1rio {0} possui a(s) role(s)\: {1}
13	\ No newline at end of file	0	\ No newline at end of file
	@@ -0,0 +1,12 @@		@@ -0,0 +1,12 @@
		1	+adding-message-to-context=Adicionando uma mensagem no contexto: [{0}]
		2	+access-checking=Verificando permiss\u00e3o do usu\u00e1rio {0} para executar a a\u00e7\u00e3o {1} no recurso {2}
		3	+access-allowed=O usu\u00e1rio {0} acessou o recurso {2} com a a\u00e7\u00e3o {1}
		4	+access-denied=O usu\u00e1rio {0} n\u00e3o possui permiss\u00e3o para executar a a\u00e7\u00e3o {1} no recurso {2}
		5	+access-denied-ui=Voc\u00ea n\u00e3o est\u00e1 autorizado a executar a a\u00e7\u00e3o {1} no recurso {0}
		6	+authorizer-not-defined=Nenhuma regra de resolu\u00e7\u00e3o de permiss\u00f5es foi definida. Para utilizar @{0} \u00e9 preciso definir a propriedade frameworkdemoiselle.security.authorizer.class como regra de resolu\u00e7\u00e3o de permiss\u00f5es desejada no arquivo demoiselle.properties.
		7	+user-not-authenticated=Usu\u00e1rio n\u00e3o autenticado
		8	+invalid-credentials=Usu\u00e1rio ou senha inv\u00e1lidos
		9	+has-role-verification=Verificando se o usu\u00e1rio {0} possui a(s) role(s)\: {1}
		10	+does-not-have-role=Usu\u00e1rio {0} n\u00e3o possui a(s) role(s)\: {1}
		11	+does-not-have-role-ui=Para acessar este recurso \u00e9 necess\u00e1rio ser {0}
		12	+user-has-role=Usu\u00e1rio {0} possui a(s) role(s)\: {1}
0	\ No newline at end of file	13	\ No newline at end of file